138005aa2aea9c19ef541a933b02e81c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

138005aa2aea9c19ef541a933b02e81c
Size

494KB
MD5

138005aa2aea9c19ef541a933b02e81c
SHA1

3815273ba5378d433a8cc35adaa0b90b9708fe8a
SHA256

3eea6656c8dd85ae6b2f09d5ca1bee254f57af365b63796fcbef6816ccde4511
SHA512

fa1bd8b057d942ebac5584f76ce9210022050d7b32c21b8b17ec05c36c3336121fae84c9ebc94ddd6668cc7772e1aa6264f8fdf9b85a044fc4a6f501ede4a022
SSDEEP

3072:RJ0Q0trYsj3LcOFqE6vUBmHgqp58IFIbtYhBnfnpFXSjtfZd:30d9rLxDkA6xFIpY/nfpp8v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
138005aa2aea9c19ef541a933b02e81c

Files

138005aa2aea9c19ef541a933b02e81c
.dll windows:4 windows x86 arch:x86

0ec7778113987791e00aaf55969b5c26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetTextAlign
GetCurrentPositionEx
CreateCompatibleBitmap

shell32

SHGetDiskFreeSpaceA
Shell_NotifyIconA

user32

GetCapture
GetMenu
KillTimer
UnregisterClassA
WindowFromPoint
UnhookWindowsHookEx
wsprintfA
UpdateWindow

kernel32

ExitProcess
VirtualAllocEx
VirtualAlloc
LockResource
SetEndOfFile
ResetEvent
LocalAlloc
LoadLibraryA
ReadFile

Exports

Exports

_GiTqlr3DbB
Ig0AMt925_L
zzOvKhj@4
_NkKIWNsJsOydG
_vhmXiqjiIf4wA
_K5PxcB6FD7Whpx

Sections

CODE
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 451KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iidata
Size: 1024B - Virtual size: 853B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ